Lion "nothing but win" for Mac users

If Apple didn’t have a decade-long practice of naming its Mac OS X releases after ever more intimidating big cats, one might take “Lion,” the moniker attached to Mac OS X 10.7, as outrageous hubris. As it turns out, Apple couldn’t have chosen a more meaningful totem. It’s been at least five years since Apple rolled so many user-relevant modifications into one OS release. Apple’s official watchword for the preceding release, OS X 10.6 Snow Leopard, was “refinement,” which speaks to a long-standing Apple policy of guarding the continuity of the Mac experience by building onto existing behavior instead of supplanting it. Lion takes several bold steps toward defining a new Mac experience.

The inspiration for this new Mac experience, of course, is iOS. Lion borrows a number of tricks from Apple’s iPhone and iPad operating system, including App Store distribution, multitouch gestures, and applications that save their state from session to session. Most of these enhancements, as well as deeper improvements such as application sandboxing and privilege separation, are Lion framework features that are available only in apps compiled for Lion and specifically configured to activate them.

At launch, Lion’s application framework-level enhancements are confined to Apple’s core bundled apps, including Finder, Mail, iCal, TextEdit, Safari, Terminal, QuickTime Player, and Screen Sharing. Apple green-lighted Lion software submissions to App Store just prior to Lion’s public release, so “made for Lion” titles should start appearing shortly. Lion brings multitouch navigation to the apps you’re running now, but only those apps that are specifically built for Lion can deliver on Lion’s greater goal, which is to steer users toward smarter, safer, more productive ways to create.

Lion shifts responsibility for protection and continuity from users and their human support systems to the platform, by making key best practices automatic and transparent. You may be too busy enjoying Lion’s iOS-inspired upscale driving experience to notice the fierce defenses arrayed to protect your data from thieves, vandals, and accidental loss, but you’ll benefit all the same. And while you can cling to your mouse and flip various switches that make the new system behave like OS X Snow Leopard, I strongly advise buying a Magic Trackpad and going native. If you’re a Mac professional who’s ready to evolve, Lion will show you what the next decade of computing will bring. At $29, it’s foolish not to take that trip.

Media-free install

Lion is the first OS X to be delivered entirely via electronic distribution. For consumers, buying and installing Lion couldn’t be easier: Go to the App Store, find Mac OS X Lion, buy it, download the software (not quite 4GB), and click the Install button in the download list. That launches an installation app that copies a few files, then reboots into the Lion install. Once the progress bar pops up, you can walk away. My average install time for an in-place upgrade from Snow Leopard was around 30 minutes on all three of the Macs I tested (a quad-core Core i5 iMac, Thunderbolt MacBook Pro, and 15-inch Core 2 Duo MacBook Pro).

Even though Lion is packaged like an app, it can’t be uninstalled after an upgrade. If you want to take Lion for a spin before committing to an in-place upgrade, you can install it to a dedicated partition on your Mac’s internal or external disk. To perform a nondestructive Lion upgrade, install Lion to its own partition, boot into Lion, and run Apple’s Migration Assistant utility.

Apple’s Lion licensing is more than liberal. Individuals can legally install one purchased copy of Lion on all of the Macs they own or control. It’s strictly honor system—no install keys or online activation. You can buy Lion once and download it as often as needed from any Mac. The Lion installer app can be copied from Mac to Mac using your LAN or a flash drive. Just drop the installer into the Applications folder and double-click to install the OS.

Naturally, I’ve described the license policy for consumers, but Apple has said the same policy applies to businesses and other organizations: one license covers all the Macs an employee uses (so one license per employee; IT can buy them in bulk at the new Business App Store). For shared Macs, such as those in kiosks and conference rooms, the license applies to that single Mac.

Working with apps

In Lion as in iOS, touch is king. If you’re going to run Lion on a desktop Mac, get a Magic Trackpad. While prior OS X releases have supported multitouch gestures on Mac notebooks, the dominance of the mouse on Mac desktops and docked notebooks kept Apple from wiring too much touch-exclusive functionality into the OS. Lion is an iPad-inspired full reboot of OS X’s touch interface. Apple did away with Exposé and Spaces as add-ins, reworking and combining their features with touch in mind and pulling them into the core OS X GUI.

Exposé still provides a tiled view of the front-most app’s open documents, but it has a new counterpart in Mission Control. When you bring up Mission Control (via three-finger upward swipe, pressing F3 for a Snow Leopard upgrade or Control-up arrow for a clean Lion install, or pushing the pointer into a hot corner), you get a single-screen view of everything that’s running on your Mac. From here, you can quickly preview and jump to any Spaces desktop, app, or open document. You can also create and delete desktops with one click.

Full-screen apps are new to Lion, and just as on the iPad, they’re a brilliant way to manage multiple applications in limited space. Applications that support it display a two-headed arrow on the right side of their title bar. Click that, and the app takes over the whole display. The menu bar and window chrome disappear, and toolbars are pared down to an application-defined minimum. The one full-screen app that’s always open and always positioned as the first desktop is Dashboard. You can flip among desktops using a three-finger horizontal swipe.

Full-screen is a Lion framework feature. A feature in this category works only in apps that are compiled for Lion (or later) and specifically configured to activate that feature. In some cases, it’s as simple as opting in, but other features require substantial code changes and fresh App Store validation. Several of Lion’s core bundled apps—Safari, Preview, TextEdit, and Finder, among others—are good showcases of the sort of framework features that future Lion apps will pick up.

The Lion framework also brings application and session-level resume to the Mac. When you exit an application, Lion memorizes your open documents, the position of your windows, the text you’ve selected, and the location of the cursor. When you relaunch the app, all of this state is restored so that you can pick up your work where you left off.

Session resume builds on this, kicking in when you log off, shut down, or reboot. When you log back in, all of your open apps are relaunched, desktops are arranged as you left them, and each app’s state is restored as described above. You can easily opt out of this behavior if you’d like a fresh start instead.

Application resume—and, therefore, session resume—works best but not exclusively with Lion apps. Older apps will vary in their behavior at relaunch. Office 2011, for example, reopens documents and restores window positions but doesn’t deal with the cursor or selected text.

Working with files

Lion implements file protection at two levels: system and framework. At the system level, Apple has added hourly local snapshots to protect users who either don’t use Time Machine for backups or are disconnected from Time Machine for long stretches. Local snapshots can recover inadvertently deleted or altered files and folders. As with Time Machine, you can revisit the state of any folder as it existed at a particular point in time. But unlike Time Machine, snapshots don’t protect you from disk failure.

A different kind of protection that’s implemented at the system level is full-volume encryption. FileVault previously allowed individual users to encrypt their home folders, but did not guard data stored elsewhere in the system. Lion’s FileVault has been accelerated to reduce processing overhead, and now any entire physical disk—even your boot disk—can be encrypted. To encrypt a disk other than the startup disk, you enable encryption when you format it; only the startup disk can be encrypted after it is formatted.

You can also use Lion’s FileVault to encrypt a Time Machine backup so that none of your data is in the open. At your command, Lion’s FileVault will destroy the encryption key on the disk, rendering it permanently unreadable to anyone.

In apps that support it, Versions stores the changes you've made since the last save instead of overwriting your document. You can browse a history of changes in a Time Machine-like interface.Lion apps can enable two framework-based file protection features: autosave and versions. Autosave is self-descriptive, but instead of saving once every few minutes, Lion’s autosave works constantly in the background to keep the data on disk in sync with the documents on the screen. At shutdown, apps that implement autosave can save open documents without asking whether that’s what you want. Lion can also terminate a long-idled application if memory gets tight, but only if the app opts in to this behavior.

In an app that supports versions, every time a document is saved, instead of overwriting the entire file, Lion invisibly records only the changes made since the previous save. Option-clicking on the file’s name in the title bar pulls down a menu that lets you display a Time Machine-like interface to browse through all saved versions of the file. The current version is presented side by side with any historical version you choose. You can revert the entire document with one click, or copy and paste contents from one or more older versions into the new one. You can see versions in action in TextEdit.

Versions works transparently, but you can easily tell if an app implements it: The File menu’s familiar Save As option is replaced with Duplicate. Note that the Versions feature does not save the incremental changes in the document file itself, but to an invisible folder on your startup disk. Thus if you copy the file to any location (via the Duplicate command, in the Finder, or by emailing it), only the final version of the document is sent. That means no one can inadvertently see your changes, but it also means you have to keep the file in its original location to have the previous versions accessible to you.

Finder's new All My Files view groups files by type rather than location. Scrollable rows of icons make good use of limited screen space.Finder has undergone a fairly extensive overhaul. One new feature that can catch you off-guard is the new All My Files view, which is shown by default when Finder launches. This creates a list of all user-related files on the system, ignoring folder hierarchy and bundling them instead by selected criteria, such as kind, application, date, or label. If Grouping is selected in icon format, each group is shown as a scrollable row of icons.

Finder’s other new feature of note is search suggestions. If you type “pd” into Finder’s search field, you’ll not only see a list of files containing that pattern, but a menu appears that suggests doing a “kind” search for PDF documents. Click on the suggestion to perform that search.

You may not need to resort to Finder for searches. Good old Spotlight has been wired for Quick Look and drag and drop for its results, and hovering over a result displays a preview in a popover window.

Networking and collaboration

There are lots of ways to move files across a network, but they all require enough advance setup that sneakernet remains a popular option. Lion lets you swap files wirelessly between your notebook and desktop Macs, or with a group of people you just met at a conference. Clicking the AirDrop icon in Lion’s Finder instantly sets up and globally advertises a special ad hoc wireless node.

All Lion users running AirDrop can see each other, provided they’re in Wi-Fi range and have a late-2008 or newer Mac model (older versions don’t have the Wi-Fi chipset required to support AirDrop). You never see a remote Mac’s files, only a named icon that works as a drop zone for the files you want to copy. It’s secure—every transfer requires the recipient’s permission, and closing or navigating out of Finder’s AirDrop view makes you vanish from other users’ screens.

Mac users that work in a Windows environment will be pleased to discover that Lion integrates fairly robust support for Microsoft DFS. Prior versions of OS X required third-party software to enable access to DFS shares.

In addition to supporting Exchange Server 2010, Mail has a new space-efficient layout that displays message summaries on the left and multiple message bodies on the right.The bundled Mail app, which has always had a purely utilitarian feel to it, has received a thorough overhaul. Under the hood, Apple has added Exchange Server 2010 compatibility, including the ability to set your vacation response. Mail’s new default layout nixes the inbox list to create a clean two-column interface: message summaries on the left, message content on the right. Each summary includes a few lines of the body and makes good use of typography to distinguish each message element. Messages are grouped into conversations by subject line, and you can see the full content of all related messages in one continuously scrollable view by clicking on the last message in the thread. This adds up to quicker inbox triage and less digging through past messages to make sense of replies.

Time to upgrade

Lion is nothing but win for nearly all Mac users. The only users who won’t benefit from Lion are those who remain dependent on PowerPC applications. Rosetta, the PowerPC instruction translator that allowed pre-Intel apps to run on Snow Leopard, is no more. Universal apps that include PowerPC and Intel code will run on Lion, but if you’re dependent on PowerPC software that you can’t upgrade, it’s best to stick with Snow Leopard.

Among professional users and shops with multiple Macs, Lion is about much more than pervasive multitouch support. Lion has plenty of features for serious users. It compensates for several best practices that professionals routinely skip. It stems accidental data loss through versions, autosave, and local snapshots. Macs are multi-user by nature, and with Lion it’s now possible for several remote users to share a Mac, with each user getting a dedicated virtual session that doesn’t interfere with the console. Apple’s policies on virtualization have relaxed considerably, allowing you to run up to three simultaneous OS X instances on a single Mac. Yes, it must still be a Mac, but previously you had to purchase a full-price license to run OS X Server as a virtual guest, and OS X client guests were forbidden.

Serious users have to appreciate the multi-layered security that’s new to Lion. At the lowest level, full disk encryption makes your machine useless to anyone who doesn’t have your password. In the OS, virtual memory pages are randomized so that overflow or insertion exploits are likely to expand into unallocated memory and trigger a fault. Application sandboxing limits program access to system resources during operation. An app must list the privileges it requires (“entitlements”) when it is submitted to the App Store or otherwise signed. Apple will scrutinize App Store submissions to ensure that any potentially risky entitlement is backed by a convincing rationale. An app that asks for too much will be denied. At run time, sandboxed apps (soon, all Lion apps in the Mac App Store will have to be sandboxed) crater if they try to perform any unapproved action. If malicious code is somehow attached to a sandboxed app, that malware is subject to the same limitations as the app itself. As soon as it tries to do anything nefarious, the app will be terminated. Signed apps with explicit entitlements are a powerful defense, and App Store creates a line of accountability to the developer.

Lastly, groups of Lion users, or a mix of iOS and Mac users in a business setting, will benefit greatly from setting up a server, whether it’s a dedicated machine like a Mac mini or Mac Pro or even an iMac desktop with server duties. Once you put a Lion Server in place, Profile Manager will be a godsend. As far as justifying a Lion upgrade for your Macs, realize that $29 for Lion and $49 for Lion Server buy you a marvelous degree of remote configuration, policy enforcement, and a self-service Web portal that lets users reset their own forgotten passwords. There’s more to Lion Server than that, but that alone is well worth having.

There have been incremental OS X upgrades that you could take or leave. Lion isn’t like that. Apple is no longer afraid to tell users who don’t upgrade, “You’re going to be left behind.” That which is new in Lion will not be backed into Snow Leopard. Unless I miss my guess, by this time next year a preponderance of apps on Mac App Store will list “Lion and later” as required. Apple has made leaping to Lion affordable, easy, fun, and safe. If you’re wired to wait for the second or third point release, suit yourself. I’ve converted a facility with eight Macs, machines that I rely on to make a living, from Snow Leopard to Lion with no migration hassles. It’s time to upgrade to Lion.